WP Activity Log

Monitor activity on your WordPress sites and get clear insights into what's happening with detailed user and event logging. Keep WordPress logs of everything that happens on your sites and multisite networks with WP Activity Log to:

• Track user logins and logouts to ensure service level agreements (SLAs) are consistently met
• Record failed login attempts to identify potential security breaches and enhance site security
• Monitor user activity and productivity to promote accountability
• Know what happened before an outage for easier troubleshooting
• Know exactly what all your users are doing
• Ensure compliance with regulations and standards such as GDPR and PCI DSS
• Better manage & organize your site & users
• Easily detect suspicious activity on your WordPress site before it escalates into security issues

WP Activity Log is a complete logging solution, helping hundreds of thousands of administrators and security professionals track changes on their websites thanks to real-time user activity monitoring. [youtube https://www.youtube.com/watch?v=pgFEMIvKFTA] WordPress changes and details WP Activity Log keeps track of A website activity log is an important tool in improving troubleshooting, compliance, user management, and security. Get WP Activity Log and keep track of events on your site. The log not only tells you that a post, a user profile, or an object was updated, it also lets you know exactly what changed, when, and includes a user log (by whom) so you always have the information you need. Below is a summary of the changes that the plugin can keep a record of:

• Post, page and custom post type changes such as status, content changes, title, URL, custom field, and other metadata changes
• Tags and category changes such as creating, modifying or deleting them, and adding or removing them from posts
• Widget and menu changes such as creating, modifying, or deleting them
• User changes such as user created or registered, deleted, or added to a site on multisite network
• User profile changes such as password, email, display name, and role changes
• Access logging such as user login, logout, failed logins, and terminating other sessions
• WordPress core and settings changes such as installed updates, permalinks, default role, URL, and other site-wide changes
• WordPress multisite network changes such as adding, deleting or archiving sites, adding or removing users from sites, etc.
• Plugin and Theme changes such as installing, activating, deactivating, uninstalling, and updating
• WordPress database changes such as when a plugin adds or removes a table
• Changes to WooCommerce Stores & products, Yoast SEO, WPForms, Gravity Forms, Advanced Custom Fields (ACF), MainWP and other popular WordPress plugins.
• WordPress site file changes such as new files are added, or existing ones are modified or deleted.

Detailed event logging ensures that for every event that the plugin records, it reports the:

• Date & time (and milliseconds) of when it happened
• User & role of the user who did the change
• Source IP address from where the change happened
• The object on which the change has taken place

Refer to WordPress activity log event IDs for a complete list of all the changes WP Activity Log can keep a record of and a detailed explanation of what change every event ID represents. Upgrade to WP Activity Log Premium and get even more The premium edition of WP Activity Log takes WordPress user activity tracking to the next level. It comes bundled with even more features to take your WordPress website administration and security to the next level. Premium features list

• See who is logged in and their current activities in real-time
• Log off any user at the click of a button
• Generate fully-configurable HTML and CSV reports
• Get email and SMS notifications with important changes (fully configurable)
• Search filters to fine tune the search results and find what you need in seconds
• Store activity log in an external database to improve security and scalability
• Mirror the activity log to logs management systems such as AWS CloudWatch, Loggly, and Papertrail in real-time
• Easily mirror the logs in real-time to business communication systems such as Slack
• Send a copy of your websites' activity log to a log file on your web server in real-time
• Archive old activity log data to another database for better storage and log management

Refer to the WP Activity Log plugin features and benefits page to learn more about the benefits of upgrading to WP Activity Log Premium. WP Activity Log third-party plugin support All WP Activity Log editions include activity tracking for third-party plugins, including:

• WooCommerce: Keep a log of changes to the WooCommerce store settings, orders, products, coupons, and much more
• Yoast SEO: Keep a log of changes to Yoast SEO settings, on-page SEO in the Yoast SEO meta box, and much more
• WPForms: Keep a log of changes to WPForms settings, forms, form files, entries (leads) and more
• Gravity Forms: Keep a log of changes to Gravity Forms settings, forms, forms settings, entries (leads), and more
• MemberPress: Keep a log of changes to your MemberPress powered website, including plugin settings changes, memberships, payments, subscriptions and other changes that your team does on your website
• bbPress: Keep a log of changes to bbPress forums, topics, bbPress settings and more
• MainWP: Keep a log of MainWP network changes and see the activity logs of all child sites from one central location - the MainWP dashboard
• Advanced Custom Fields: Keep a log of changes to post types, taxonomies, and taxonomy terms
• Redirection: Keep a log of changes to redirections and redirection groups

Other Noteworthy Features Both free and premium editions of WP Activity Log include a number of non-logging specific features that make the plugin a complete WordPress logging solution. Here is what is included: Free

• Built-in support for reverse proxies and web application firewalls
• Integration with WhatIsMyIpAddress.com allow you to get all information about an IP address with just a mouse click.
• Limit who can view the WordPress activity log by users or roles
• Settings to enable/disable individual event IDs from the activity log
• Configurable dashboard widget highlighting the most recent critical activity
• Configurable WordPress activity log retention policies
• User avatar is displayed in the events for better recognizability
• And much more!

Premium Everything that's included in the Free edition, plus: - Full WordPress multisite support - Easily create your custom alerts & notifications to monitor additional functionality - Import/export plugin settings - Real-time activity log in WordPress admin toolbar - And much more! Free and premium plugin support If you encounter any issues with the free edition of WP Activity Log, you can post and get help on the WordPress.org support forums. You can also find more technical information and plugin documentation on the Melapress knowledge base. Premium plugins include a full year of free updates and dedicated one-to-one premium email support. This means you get direct access to our support team who will assist you with any questions or issues related to the plugins. As featured on:

• Kinsta
• Pagely
• Shout Me Loud
• The Dev Couple
• WPKube
• Techwibe
• Tidy Repo
• KitPloit
• and many others.

MAINTAINED & SUPPORTED BY MELAPRESS Melapress develops high-quality WordPress management and security plugins such as Melapress Login Security, CAPTCHA 4WP, and WP 2FA. Browse our list of WordPress security and administration plugins to see how our plugins can help you better manage and improve the security and administration of your WordPress websites and users.

5.3.2 (2025-02-18) Improvement * Updated the upgrade script so the weekly summary email is disabled by default when upgrading from older versions. 5.3.1 (2025-02-13) Improvement * Improved some of the WP CLI confirmation messages. * Removed the "red dot" typically associated with plugin upgrades when the update message is displayed. Bug fixes * Fixed: If the plugin is updated to 5.3.0 via composer or WP CLI and no administrator is already (allowing the plugin to set some settings) the message “You do not have sufficient rights to access this page” is displayed on the website login page. * Fixed: Custom recipient email addresses for weekly notifications was not being saved correctly in the plugin settings. * Improved the database sensor to ensure that Event IDs 5010, 5011, and 5012 are now accurately reported. 5.3.0 (2025-02-11) New activity log event IDs (improved coverage) * ID 6319 - Changed the status of the Weekly activity log summary email. * ID 6328 - Modified the recipients of Weekly activity log summary email. * ID 5030 - A plugin failed to install. X New activity log event IDs for WooCommerce * ID 9157 - Enabled the setting to limit the purchase of a product to 1 item per order. * ID 9158 - Disabled the setting to limit the purchase of a product to 1 item per order. * ID 9159 - Changed the Store visibility status. * ID 9160 - A new review was posted. * ID 9161 - A product review was unapproved. * ID 9162 - A product review was approved. * ID 9163 - A product review was marked as spam. * ID 9164 - A product review was moved to trash. * ID 9165 - A product review was restored from trash. * ID 9166 - A product review was permanently deleted. * ID 9167 - A product review was edited. New activity log event IDs for Yoast SEO * ID 8872 - Changed the "Personal logo" in the Organization/Person setting. * ID 8859 - Enabled / disabled a site feature in the plugin settings (this ID replaces 8815, 8817, 8819, 8844, 8846, and 8828, which remain part of the plugin to ensure backward compatibility). * ID 8860 - Changed the status of the crawl optimization settings in the plugin settings. New features * Weekly email summary in the Free edition. Security fix * Fixed a XSS vulnerability reported by zer0gh0st (D.Sim) Plugin & functionality improvements * Improved the "Reverse proxy / WAF support" feature by adding more HTTP headers to choose from, and allowing users to specify custom HTTP headers. * "Super Admin" is now available as a "role" criteria in the custom notifications trigger builder, enabling one to set up notifications based on this user role. * Updated the metadata description for event ID 9042 to cater for WooCommerce's latest changes related to product visibility changes. * Improved the cron jobs loaded by the Free edition by removing some redundant ones. * Created a new category in the "Enable/Disable events" page called "Activity Log" and moved a number of events from the "WordPress & System". * Updated the event ID 6048 metadata to cater for the improved Reverse Proxy / Firewall Option. * Improved the database migration script (for when migrating from versions prioir to 4.6) to better handle data on large multisite networks. * Standardised the text format across the plugin pages. * Increased the limit of subsites displayed on multisite networks from 15 to 150 for a better handling and filtering of logs on larger multisite networks. * Removed the check and notice for the obsolete WP Activity Log extensions for third party plugins. * Updated the first-time configuration wizard and also included a new step for enabling weekly summary notifications. * Adjusted the loading of translation files to adapt the plugin to a change introduced in WordPress 6.7. * Added a new filter hook wsal_message_before_mirror to customize logs mirrored to third parties - list of WP Activity Log hooks. * Extended the list of supported WP CLI commands for WP Activity Log. * Improved the WP_Log_In_Out_Sensor to accommodate recent updates in the wp_login_failed action. * WooCommerce event ID 9133 now reports when fee values inside an order are modified. * WooCommerce event ID 9076 now logs enabling or disabling of a payment method. * WooCommerce event ID 9072 is no longer redundantly appearing when a new product (ID 9001) is published. * WooCommerce event ID 9155 metadata now clearly states that notes were added to an order instead of "comments". * Event IDs 8806, 8813, 8814, 8822, 8824, 8828, 8830, 8831, 8832, 8836, 8837, 8863, 8864, 8865, 8868, 8869, and 8870 in Yoast SEO were updated and are now compatible with the latest versions of the plugin. * Merged several Yoast SEO event IDs into the new ID 8859 to track plugin settings modifications while maintaining backward compatibility. Bug fixes * Fixed duplicated Event IDs (10000 and 10010) generated when creating new post types using ACF. * Fixed a bug preventing ID 9138 from being reported when a new WooCommerce product was copied to a draft. * Fixed intermittent fatal errors when resetting plugin settings or purging logs when WP Activity Log is installed on MainWP. * Resolved issues with WooCommerce ID 9086 and ID 9040 not being properly reported. * Fixed PHP errors when WooCommerce orders contain products with no ID. * Improved support for UTF-8 characters in custom notifications. * Fixed a bug preventing ID 5003 (User deleted a plugin) to not be reported on newer Wordpress core versions. * Fixed WooCommerce event 9105 not reporting Order name correctly when the order contains different products. * Fixed a PHP error that occurs during plugin updates when the Shield Security plugin is active simultaneously with WP Activity Log. * Fixed a bug causing some WP Activity Log Events to be disabled from monitoring after some time. * Fixed a bug in the Woocommerce sensor causing strange behavior when WP Activity Log is enabled along with Woocommerce + HPOS order mode + Deposits - Partial Payments Plugin. * Fixed a PHP error that could occur when a new WooCommerce order is placed containing products with no ID. * Fixed a PHP Warning related to the WP Activity Log widget in the dashboard. Refer to the complete plugin changelog for more detailed information about what was new, improved and fixed in previous version updates of WP Activity Log.